This will be the new policy until this bug is fixed: # LP: #1260048 - only allow 'r' for now, since 'w' allow for db poisoning owner @{HOME}/.pki/nssdb/ r, owner @{HOME}/.pki/nssdb/** rk, deny @{HOME}/.pki/nssdb/ w, deny @{HOME}/.pki/nssdb/** w,
This will be the new policy until this bug is fixed: /.pki/nssdb/ ** rk, /.pki/nssdb/ ** w,
# LP: #1260048 - only allow 'r' for now, since 'w' allow for db poisoning
owner @{HOME}/.pki/nssdb/ r,
owner @{HOME}
deny @{HOME}/.pki/nssdb/ w,
deny @{HOME}